虚拟计算环境下的信任管理研究
|
摘要
互联网是计算机技术与通信技术融合的产物,经过近40年的发展,互联网已成为人们日常生活的一部分。随着互联网应用的不断深入,互联网已汇集了海量的计算机信息资源,包括数据资源、应用资源以及计算机设备资源,这些信息资源已经成为社会资源的重要组成部分。然而,目前互联网资源的共享和综合利用还存在突出、亟需解决的问题。首先,互联网资源的突出问题是利用率低,特别是综合利用水平低;其次,互联网资源存在着局部滥用、缺少服务的安全保证机制问题。基于互联网的虚拟计算环境的研究是对上述问题的一个探索。信任管理体系是虚拟计算环境的一个基础组件,其研究的目的是为虚拟计算环境中资源按需聚合和自主协同的安全性、可依赖性及协同行为的可信性提供保证,以创建一个安全、和谐的计算环境。
由于互联网的开放性、不可控性及其资源的自治性,资源聚合与协同环境存在的不完整性、不一致性和不确定性等问题,传统的基于集中管理的安全机制已经不再适用。在虚拟计算环境中,服务提供者和服务请求者没有预先定义的授权关系,交互的双方必须在一些不确定的因素下做出安全决策,因此,信任是开放环境下有效交互的前提,这个过程和人类社会生活中基于合作方不确定期望行为的信任决策是相似的。通常来说,信任具有主观性,基于历史交互,与交互上下文有关,以及基于信誉和信任推荐。如何利用信任概念构建虚拟计算环境的信任管理框架,解决自主元素交互过程的可信服务选取、信任计算、风险评估以及利用信誉机制实现虚拟共同体聚合和自主元素交互的激励机制是本文研究的重点。
针对上述问题,本文主要进行了以下创新性的研究工作:
(1)提出了基于信任概念的可信保证框架。虚拟计算环境的信任管理框架主要由身份管理系统、证据管理系统和信任计算系统三个部分组成。信任管理是在自主元素级别上实现的,自主元素一方面根据信任证据具有识别未知自主元素身份信息和行为特性的能力;另一方面根据信任计算和风险评估具有自主确定协同行为的能力。这个机制并不需要集中的身份签发机构,也不需要预先设定的授权策略。因此,该模型可以解决虚拟计算环境下可信保证体系的自治性和动态性要求。
(2)提出了基于贝叶斯分析的信任模型,分析了该算法解决虚拟计算环境中自主元素可信度计算、虚拟共同体服务选取的计算过程。通过仿真实验证明基于该算法信任模型对主观先验敏感以及对可信交互具有激励作用。
(3)提出了基于FMEA方法的风险评估模型。该模型不仅考虑了交互的历史信息,还与交互环境的上下文相关。仿真实验表明FMEA风险模型可以有效地促进交互并降低交互风险。
(4)提出了基于证据理论的全局信誉算法,利用该算法提出了一种基于全局信誉的虚拟共同体聚合机制,仿真实验表明该机制可以有效地差异化虚拟共同体全局信誉,从而达到自主元素信誉激励的作用。
As an outcome of the interactions of communication and computing technologies, Internet has become a part of our daily life after its 40 years’growth. With the popularity of internet applications, there are vast kinds of resources over Internet, including information resources, application resources and computer devices. Internet resources have become a part of resources of human societies. However, nowadays there are prominent and urgent problems in the sharing and utilization of Internet resoures. First, the usage ratio of sharing resources in the Internet is significantly low while a large number of resources are abused; secondly, there lacks a reliable security assurance for distributed interaction. To meet these challenges, a new platform as Internet-based Virtual Computing Environment (iVCE) is proposed. The initiative of iVCE aims to provide the end users and applications with a harmonious, trustworthy and transparent integrated computing environment which will facilitate sharing and collaborating of network resources between applications. Trust management is an elementary component for iVCE which aims to provide the assurance of safety, dependence and credibility for the on-demand aggregation and autonomic collaboration behavior of resources to create a secure and harmonious computing environment.
Because of the open and incontrollable nature of internet resources, the iVCE has the dynamic and inconsistent characteristics of on-demand aggregation and autonomic collaboration. Thus the traditional security mechanism which often needs central-based official certificate is unable to meet the requirement of iVCE. In iVCE, there is no predefined authorizing or authorized relationship between service provider and service requester. Therefore trust is a prerequisite for interactions, which is similar to human behavior of estimating the extent to which one party is willing to depend on somebody in a given situation with a feeling of relative security, even though negative consequences are possible. In general, trust is subjective, context dependent, personal experience based, reputations related, and recommendation aggregated. The aim of this thesis is to construct the trust management framework for iVCE based on the notion of human trust, to study the selection of proper service provider, trust calculation, risk evaluation during interactions of autonomic elements, to design an incentive mechanism based on reputation management. Our main achievements are as follows:
1. A trust management framework is proposed based on the notion of human trust according to characteristics of iVCE. It includes three layers as Identity Management System (IMS), Evidence Management System (EMS), and Trust Calculation System (TCS). Because the trust management system is implemented on the level of the autonomic element, the autonomic element is able to identify the behavior and identity of unkown entities, and to make autonomic trust decision based trust calculation and risk evaluation. Such mechanism does not need a centralized authority and predefined authorization; therefore, it can match the requirements of security mechanism in iVCE.
2. A Bayesian analysis-based trust model is presented which aims at the requirement for the trust management to be subjective, historical evidence based and context dependent. The model gives a solution for selection of proper service provider, trust calculation and recommendation trust evolutions.
3. A risk evaluation model is proposed based on FMEA analysis. The model is context dependent and historical interactions related.
4. An aggregation mechanism for virtual commonwealth based on global repution management is proposed. Reputation drives autonomic elements which provide positive interations to join virtual commonwealth with higher reputition for more reliable interations, thereby it facilitates the stabilization of iVCE; on the other hand, autonomic elements which provide negative interactions will be abandoned by virtual commonwealth, and gradually isolated, thereby it stimulate autonomic elements to improve the quality of service. In general, the reputation incentive mechanism promotes autonomic elements to be willing to provide positive interations.
由于互联网的开放性、不可控性及其资源的自治性,资源聚合与协同环境存在的不完整性、不一致性和不确定性等问题,传统的基于集中管理的安全机制已经不再适用。在虚拟计算环境中,服务提供者和服务请求者没有预先定义的授权关系,交互的双方必须在一些不确定的因素下做出安全决策,因此,信任是开放环境下有效交互的前提,这个过程和人类社会生活中基于合作方不确定期望行为的信任决策是相似的。通常来说,信任具有主观性,基于历史交互,与交互上下文有关,以及基于信誉和信任推荐。如何利用信任概念构建虚拟计算环境的信任管理框架,解决自主元素交互过程的可信服务选取、信任计算、风险评估以及利用信誉机制实现虚拟共同体聚合和自主元素交互的激励机制是本文研究的重点。
针对上述问题,本文主要进行了以下创新性的研究工作:
(1)提出了基于信任概念的可信保证框架。虚拟计算环境的信任管理框架主要由身份管理系统、证据管理系统和信任计算系统三个部分组成。信任管理是在自主元素级别上实现的,自主元素一方面根据信任证据具有识别未知自主元素身份信息和行为特性的能力;另一方面根据信任计算和风险评估具有自主确定协同行为的能力。这个机制并不需要集中的身份签发机构,也不需要预先设定的授权策略。因此,该模型可以解决虚拟计算环境下可信保证体系的自治性和动态性要求。
(2)提出了基于贝叶斯分析的信任模型,分析了该算法解决虚拟计算环境中自主元素可信度计算、虚拟共同体服务选取的计算过程。通过仿真实验证明基于该算法信任模型对主观先验敏感以及对可信交互具有激励作用。
(3)提出了基于FMEA方法的风险评估模型。该模型不仅考虑了交互的历史信息,还与交互环境的上下文相关。仿真实验表明FMEA风险模型可以有效地促进交互并降低交互风险。
(4)提出了基于证据理论的全局信誉算法,利用该算法提出了一种基于全局信誉的虚拟共同体聚合机制,仿真实验表明该机制可以有效地差异化虚拟共同体全局信誉,从而达到自主元素信誉激励的作用。
As an outcome of the interactions of communication and computing technologies, Internet has become a part of our daily life after its 40 years’growth. With the popularity of internet applications, there are vast kinds of resources over Internet, including information resources, application resources and computer devices. Internet resources have become a part of resources of human societies. However, nowadays there are prominent and urgent problems in the sharing and utilization of Internet resoures. First, the usage ratio of sharing resources in the Internet is significantly low while a large number of resources are abused; secondly, there lacks a reliable security assurance for distributed interaction. To meet these challenges, a new platform as Internet-based Virtual Computing Environment (iVCE) is proposed. The initiative of iVCE aims to provide the end users and applications with a harmonious, trustworthy and transparent integrated computing environment which will facilitate sharing and collaborating of network resources between applications. Trust management is an elementary component for iVCE which aims to provide the assurance of safety, dependence and credibility for the on-demand aggregation and autonomic collaboration behavior of resources to create a secure and harmonious computing environment.
Because of the open and incontrollable nature of internet resources, the iVCE has the dynamic and inconsistent characteristics of on-demand aggregation and autonomic collaboration. Thus the traditional security mechanism which often needs central-based official certificate is unable to meet the requirement of iVCE. In iVCE, there is no predefined authorizing or authorized relationship between service provider and service requester. Therefore trust is a prerequisite for interactions, which is similar to human behavior of estimating the extent to which one party is willing to depend on somebody in a given situation with a feeling of relative security, even though negative consequences are possible. In general, trust is subjective, context dependent, personal experience based, reputations related, and recommendation aggregated. The aim of this thesis is to construct the trust management framework for iVCE based on the notion of human trust, to study the selection of proper service provider, trust calculation, risk evaluation during interactions of autonomic elements, to design an incentive mechanism based on reputation management. Our main achievements are as follows:
1. A trust management framework is proposed based on the notion of human trust according to characteristics of iVCE. It includes three layers as Identity Management System (IMS), Evidence Management System (EMS), and Trust Calculation System (TCS). Because the trust management system is implemented on the level of the autonomic element, the autonomic element is able to identify the behavior and identity of unkown entities, and to make autonomic trust decision based trust calculation and risk evaluation. Such mechanism does not need a centralized authority and predefined authorization; therefore, it can match the requirements of security mechanism in iVCE.
2. A Bayesian analysis-based trust model is presented which aims at the requirement for the trust management to be subjective, historical evidence based and context dependent. The model gives a solution for selection of proper service provider, trust calculation and recommendation trust evolutions.
3. A risk evaluation model is proposed based on FMEA analysis. The model is context dependent and historical interactions related.
4. An aggregation mechanism for virtual commonwealth based on global repution management is proposed. Reputation drives autonomic elements which provide positive interations to join virtual commonwealth with higher reputition for more reliable interations, thereby it facilitates the stabilization of iVCE; on the other hand, autonomic elements which provide negative interactions will be abandoned by virtual commonwealth, and gradually isolated, thereby it stimulate autonomic elements to improve the quality of service. In general, the reputation incentive mechanism promotes autonomic elements to be willing to provide positive interations.
引文
[1] Hoffman Donna, Novak Thomas, Venkatesh Alladi. Has the Internet Become Indispensable? Communications of the ACM, 2004,47(7): 37-42
[2] Xicheng Lu, Huaimin Wang, Ji Wang. Internet-based Virtual Computing Environment (iVCE): Concepts and Architecture. Science in China Series F: Information Sciences , Dec 2006, 49(6) : 681-701
[3]常志明,毛新军,齐治昌,基于Agent的网构软件构件模型及其实现,软件学报, 2008年5月,19(5):1113-1124
[4] Ji Wang; Rui Shen; Zhu, H.Caste-centric agent-oriented programming, Quality Software, 2005. (QSIC 2005). Volume , Issue , 19-20 Sept. 2005 : 431 - 436
[5] WANG Huaimin, TANG Yangbin, YIN Gang & LI Lei. Trustworthiness of Internet-based software. Science in China Series F: Information Sciences ,2006,49(6): 759-773
[6] Anderson J P. Computer Security Technology Planning Study. ESD-TR-73-51, Vol. I, AD-758 206, ESD/AFSC, Hanscom AFB, Bedford MA, October 1972
[7] Friedman B, Kahn P H Jr, Howe D C. Trust online. Comm of the ACM, 2000, 43(12): 34-40
[8] Feiertag R., K. Levitt, et al. (1977). Proving Multilevel Security of a System Design. Proceedings of the 6th ACM Symposium on Operating Systems Principles:57 - 65.
[9] D. Bell, L. LaPadula. Secure Computer Systems: Mathematical foundations. Technical Report: MTR-2547, Vol. I-III, MITRE Corporation, Bedford, MA, Nov. 1973.
[10] Osborn S., R. Sandhu, et al. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security 2000, 3(2): 85 - 106.
[11] B. Lampson. Protection. in Proceedings of the 5th Annual Princeton Conference on Information Sciences and Systems, 1971,Princeton University: 437-443
[12] Sandhu R. S., E. J. Coyne, H. L. Feinstein, et al. Role-based Access Control Models. IEEE Computer, 1996, 29(2) : 38-47.
[13] D. Ferraiolo, J.Cugini, and D.R.Kuhn.Role Based Access Control: Features and Motivations. In Annual Computer Security Applications Conference. IEEE Computer Society Press, 1995.
[14] M. Nyanchama, S. Osborn. The Role Graph Model and Conflict of Interest. AsCM Transactionson Information and System Security, Feb 1999, vol. 2:3-33
[15] Osborn S., R. Sandhu, et al. Configuring Role-based Access Control to Enforce Mandatory and Discretionary Access Control Policies. ACM Transactions on Information and System Security. 2000, 3(2): 85 - 106.
[16] Roger M. Needham, Michael D. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Communication of the ACM,1978, 21(12):993–99
[17] Dorothy E. Denning, Giovanni Maria Sacco. Timestamps in Key Distribution Protocols. Communication of the ACM, 1981,24(8):533–536
[18] R M Needham, M D Schroeder. Authentication Revisited. SIGOPS Oper. Syst. Rev.,1987, 21(1):7-7
[19] Dave Otway , Owen Rees. Efficient and Timely Mutual Authentication. SIGOPS Oper. Syst. Rev.,1987, 21(1):8–10
[20] S. P. Miller, B. C. Neuman, J. I. Schiller, et al. Kerberos Authentication and Authorization System. Technical report, 1987
[21] J. Steiner, C. Neuman, J. Schiller. An Authentication Service for Open Network Systems,1988.
[22] Matt Blaze, Joan Feigenbaum, Jack Lacy. Decentralized trust management. In SP’96: Proceedings of the 1996 IEEE Symposium on Security and Privacy, IEEE Computer Society ,1996, Washington, DC,USA :164–173
[23] P. R. Zimmermann. The Official PGP User's Guide. Cambridge, MA, USA, MIT Press, 1995
[24] S. Garfinkel. PGP: Pretty Good Privacy. Sebastopol, CA: O'Reilly & Associates, Inc., 1995.ISBN 1-56592-098-8.
[25] ITU-T (Telecommunication Standardization Sector, International Telecommunication Union), Geneva, Switzerland, ITU-T Recommendation X.509: The Directory-Public-Key and Attribute Certificate Frameworks, 2000.
[26] CCITT (Consultative Committee on International Telegraphy and Telephony), CCITT Recommendation X.509: The Directory -Authentication Framework, 1988
[27] ITU-T (Telecommunication Standardization Sector, International Telecommunication Union), Geneva, Switzerland, ITU-T Recommendation X.509: The Directory-Authentication Framework,1997
[28] R. Housley, W. Ford, W. Polk, et al. Internet X.509 Public Key Infrastructure Certificate and CRL Profile, RFC 2459, Internet Engineering Task Force, Jan. 1999.
[29] ANSI (American National Standards Institute), Washington, DC, ANSI X9.45: Enhanced Management Controls Using Digital Signatures and Attribute Certificates, 1999.
[30] S. Farrell, R. Housley. An Internet Attribute Certificate Profile for Authorization, Internet Draft draft-ietf-pkix-ac509prof-09, Internet Engineering Task Force, June 2001.
[31] Richard Hayton, Ken Moody. An Open Architecture for Secure Interworking Services. In Proceedings of the 7th workshop on ACM SIGOPS European workshop, 1996,New York, NY, USA:233–240
[32] R. J. Hayton, J. M. Bacon, K. Moody. Access Control in an Open Distributed Environment. In IEEE Symposium on Security and Privacy, May 1998: 3–14
[33] C. M. Ellison. SPKI Requirements, RFC 2692, Internet Engineering Task ForceDraft IETF,Sept. 1999
[34] C. M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, et al. SPKI Certificate Theory, RFC 2693, Internet Engineering Task Force, Sept. 1999.
[35] M. Blaze, J. Feigenbaum, J. Ioannidis, et al. The KeyNote Trust Management System. Internet Request for Comment RFC 2704, Internet Engineering Task Force, Sept. 1999. Version 2.
[36] Matt Blaze, Joan Feigenbaum, and Angelos D. Keromytis. Keynote: Trust Management for Public Key Infrastructures. In Security Protocols - 6th International Workshop,Apr 1999 Springer-Verlag, LNCS(1550): 59–63
[37] Amir Herzberg, Yosi Mass, Joris Michaeli, et al. Access Control Meets Public Key Infrastructure, or: Assigning Roles to Strangers, [C].Proceedings of the 2000 IEEE Symposium on Security and Privacy , 2000: 2-13
[38] Yang-Hua Chu, Joan Feigenbaum, Brian LaMacchia et al. REFEREE: Trust Management for Web Applications. [C].In Proceedings of 6h International World-Wide Web Conference ,Santa Clara, CA, April 1997: 953– 964
[39] W. Diffie and M. Hellman. New directions in cryptography. Information Theory, IEEE Transactions on,1976, 22(6):644–654
[40] Loren M. Kohnfelder. Towards a Practical Public-key Cryptosystem. B.S. Thesis, Supervised by L.Adleman, May 1978.
[41] International Telecommunications Union. ITU-T. 2000. Recommendation X.509, ISO/IEC 9594-8. Information technology—open systems interconnection—the directory: Public-key and attribute certificate frameworks, 4th ed. 2000.
[42] G. W. Neufeld. Descriptive Names in X.500. In SIGCOMM’89: Symposium proceedings on Communications architectures & protocols, New York, NY, USA,1989: 64–71
[43] International Telecommunications Union. ITU-T. 1997. Recommendation X.509, ISO/IEC 9594–8. Information Technology—Open Systems Interconnection—the Directory: Authentication Framework, 3rd ed. 1997.
[44] R. Housley, W. Ford, W. Polk, and D. Solo. Internet X.509 Public Key Infrastructure Certificate and CRL Profile, 1999.
[45] Ilari Lehti , Pekka Nikander. Certifying Trust. In PKC’98: Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography, London, UK, 1998: 83–98
[46] Ilari Lehti, Pekka Nikander. Certifying Trust. In PKC’98: Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography, London, UK, 1998.Springer-Verlag.pages:83–98
[47] Audun J?sang, Ingar Glenn Pedersen, Dean Povey. PKI Seeks a Trusting Relationship. In ACISP'2000: Proceedings of the 5th Australasian Conference on Information Security and Privacy, London, UK, 2000. Springer-Verlag: 191–205
[48] Myers M., Ankney R., Malpani A., et al. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP, 1999
[49] Philip Zimmermann. PGP Source Code and Internals. MIT Press, Cambridge, MA, USA, 1995.
[50] International Telecommunications Union. Itu-T. 1997. Recommendation x.509, ISO/IEC 9594–8. Information Technology—Open Systems Interconnection—the Directory: Authentication Framework, 3rd ed. 1997.
[51] ANSI (American National Standards Institute). ANSI X9.45: Enhanced Management Controls Using Digital Signatures and Attribute Certificates. 1999
[52] W. Johnston, S. Mudumbai, M. Thompson. Authorization and Attribute Certificates for Widely Distributed Access Control. In WETICE’98, the 7th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises. IEEE Computer Society Press, June 1998
[53] M. Thompson, W. Johnston, S. Mudumbai, G. Hoo, K. Jackson, et al. Certificate-based Access Control for Widely Distributed Resources. In Proceedings of the 8th USENIX Security Symposium (SECURITY-99), Berkely, CA, 1999 : 215–228
[54] Ian Foster, Carl Kesselman, Gene Tsudik, et al. A Security Architecture for Computational Grids. In CCS’98: Proceedings of the 5th ACM conference on Computer and communications security, New York, NY, USA, 1998. ACM Press: 83–92
[55] Randy Butler, Von Welch, Douglas Engert, et al. A National-scale Authentication Infrastructure. Computer,33(12), 2000:60–66
[56] David W. Chadwick ,Alexander Otenko. RBAC Policies in Xml for X.509 Based Privilege Management. In SEC’02: Proceedings of the IFIP TC11 17th International Conference on Information Security, Deventer, The Netherlands, The Netherlands, 2002. Kluwer, B.V: 39–54,
[57] Richard Hayton, Ken Moody. An Open Architecture for Secure Interworking Services. In Proceedings of the 7th workshop on ACM SIGOPS European workshop, New York, NY, USA, 1996. ACM Press: 233–240
[58] R. J. Hayton, J. M. Bacon, K. Moody. Access Control in an Open Distributed Environment. In IEEE Symposium on Security and Privacy, May 1998: 3–14
[59] Walt Yao, Ken Moody, Jean Bacon. A model of oasis role-based access control and its support for active security. In SACMAT’01: Proceedings of the sixth ACM symposium on Access control models and technologies, New York, NY, USA, 2001. ACM Press: 171–181
[60] Carl M. Ellison. Establishing Identity without Certification Authorities. In Proceedings of the 6th USENIX Security Symposium, San Jose, CA, USA, jul 1996. USENIX Association: 67–76
[61] IETF. Simple Public Key Infrastructure (SPKI). February 2001
[62] R. Rivest, B. Lampson. SDSI - a Simple Distributed Security Infrastructure. In CRYPTO’96 Rumpsession, 1996
[63] C. Ellison. Rfc2692,spki requirements, 1999
[64] C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen. SPKI Certificate Theory, 1999
[65] C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen. Simple Public Key Certicate. Internet Draft draft-ietf-spki-cert-structure-06, 1999
[66] Matt Blaze, Joan Feigenbaum, Martin Strauss. Compliance Checking in the Policymaker Trust Management System. In FC’98: Proceedings of the Second International Conference on Financial Cryptography London, UK, 1998. Springer-Verlag: 254–274
[67] M. Blaze, J. Feigenbaum, J. Lacy. Managing Trust in Medical Information Systems, 1996.
[68] M. Blaze, J. Ioannidis, A. Keromytis. Trust Management for IPSEC. ACM Trans. Inf. Syst. Secur,2002, 5(2):95–118
[69] M. Blaze, J. Feigenbaum, P. Resnick, and M. Strauss. Managing trust in an information-labeling system. European Transactions on Telecommunications, 1997,8(5):491–501
[70] M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis, The KeyNote trust management system, Internet Request for Comment RFC 2704, Internet Engineering Task Force, Sept. 1999. Version 2.
[71] Y.-H. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss, REFEREE: Trust management for web applications, in Proc. 6h International World-Wide Web Conference (WWW6, Santa Clara, CA), Apr. 1997
[72] A. Herzberg et al., Access Control Meets Public Key Infrastructure, or: Assigning Roles to Strangers. IEEE Symp. Security and Privacy, 2000
[73] IBM, IBM Trust Establishment Policy Language, http://www.haifa.il.ibm.com/projects/software/e-Business/TrustManager/PolicyLanguage.html
[74] N. Li, J. C. Mitchell, W. H. Winsborough. Design of a Role-based Trust-management Framework, in IEEE Symposium on Security and Privacy,Los Angeles, CA, IEEE Computer Society Press, May 2002: 114-130
[75] S. Marsh. Formalising Trust as a Computational Concept. 1994.
[76] Alfarez Abdul-Rahman,Stephen Hailes. Supporting Trust in Virtual Communities. In HICSS’00: Proceedings of the 33rd Hawaii International Conference on System Sciences-Volume 6, page 6007, Washington, DC, USA, 2000. IEEE Computer Society
[77] Golbeck, J. Computing and Applying Trust in Web-Based Social Networks. PhD thesis, University of Maryland, College Park (2005)
[78] Golbeck, J., Hendler, J. Filmtrust: Movie recommendations using trust in webbased social networks. In: Proc. of the Consumer Communications and Networking Conference. (2006)
[79] Thomas Beth, Malte Borcherding, Birgit Klein. Valuation of Trust in Open Networks. In ESORICS’94: Proceedings of the Third European Symposium on Research in Computer Security London, UK, 1994. Springer-Verlag: 3–18
[80] P. Herrmann H. Krumm. Trust-adapted enforcement of security policies in distributed component-structured applications. In ISCC’01: Proceedings of the Sixth IEEE Symposium on Computers and Communications, page 2, Washington, DC, USA, 2001. IEEE Computer Society.
[81] J?song A., Knapskog S. A metric for trusted systems. In Proc. 21st National Security Conference, pages 16–29, 1998
[82] J?song A. A logic for Uncertain Probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems,2001, 9(3) : 279–311
[83] J?song A. Trust-based decision making for electronic transactions. In on Secure IT Systems (NORDSEC’99), Stockholm, Sweden, 1999.
[84] J?song A. The right type of trust for distributed systems. In NSPW’96: Proceedings of the 1996 workshop on New security paradigms, New York, NY, USA, 1996. ACM Press: 119–131,
[85] J?song A. A model for trust in security systems. In Proceedings of the 2nd Nordic Workshop on Secure Computer Systems, 1997.
[86] J?song A. A subjective metric of authentication. In ESORICS’98: Proceedings ofthe 5th European Symposium on Research in Computer Security, London, UK, 1998. Springer-Verlag: 329–344,
[87] Cahill, V., et al. Using trust for secure collaboration in uncertain environments. IEEE Pervasive Computing 2/3 (2003):52–61
[88] Carbone, M., Nielsen, M., Sassone, V. A formal model for trust in dynamic networks. In: Proc. of IEEE International Conference on Software Engineering and Formal Methods, Brisbane, Australia, IEEE Computer Society (2003)
[89] Sabater, J., Sierra, C.: Reputation and social network analysis in multi-agent systems. In: Proc. of the 1st International Joint Conference on Autonomous Agents and Multiagent Systems, New York, NY, USA, ACM Press (2002):475–482
[90] Sabater, J.: Trust and reputation for agent societies. PhD thesis, Institut Investigacion en Intelligencia Artificial, Spain (2003)
[91] Estrin, D. (1986). Inter-organization networks: implications of access control: requirements for interconnection protocol. ACM SIGCOMM Conference on Communications Architectures & Protocols, Stowe, VT, USA: 254 - 264.
[92] Luhmann, N. (1979). Trust and Power, John Wiley & Sons Inc.
[93] Solomon, R. and F. Flores (2001). Building Trust. New York, NY, Oxford University Press.
[94] Gambetta D. Can we trust trust? In: Gambetta D, ed. Trust: Making and Breaking Cooperative Relations. Basil Blackwell: Oxford Press, 1990:213-237.
[95] Aberer, K. and Z. Despotovic (2001). Managing trust in a peer-2-peer information system. Proceedings of the 10th International Conference on Information and Knowledge Management, Atlanta, GA:310 - 317.
[96] D.H. McKnight, N.L. Chervany. The Meaning of Trust. Techinical Report MISRC Working Paper Series 96-04, University of Minnesota, Management Information System Research Center, 1996
[97] J.F. Anderson, R. L. Brown. Risk and Insurance. Number 1-21-00 in Study Notes.Society of Actuaries, 2000
[98] Grandison, T. and Sloman, M. A Survey of Trust in Internet Applications. IEEE CommunicationsSurveys, 3(4), Fourth Quarter 2000:2–16
[99] William Joseph Adams. Decentralized Trust-Based Access Control for Dynamic Collaborative Environments, PhD paper, Virginia Polytechnic Institute and State University
[100] Keser, C. Experimental games for the design of reputation management systems. IBM Systems Journal 42(3): 498 - 506.
[101] Buchegger, S. and J.-Y. Le Boudec . A Robust Reputation System for Mobile Ad-Hoc Networks. Technical Report, Ecole Polytechnic Federal de Lausanne, July 2003.
[102] P. Resnick and R. Zeckhauser. Trust among strangers in internet transactions: Empirical analysis of ebay’s reputation system. In The Econ. Internet and EComm., volume 11 of Advances in App. Microec. Elsevier Science, 2002.
[103] J?song, A. The Beta reputation system. 15th Bled Electronic Commerce Conference e-Reality: constructing the e-Economy June 2002.
[104] R. Falcone and C. Castelfranchi. Social Trust: A Cognitive Approach, Kluwer, 2001:55-99
[105] Povey, D. Developing Electronic Trust Policies Using a Risk Management Model. In Proc. of the Secure Networking - CQRE (Secure)’99, International Exhibition and Congress, LNCS 1740, Dusseldorf, Germany, November 30 - December 2 1999. Springer:1-16
[106] J?sang, A. and S. L. Presti . Analysing the Relationship between Risk and Trust. Proceedings of the 2nd International Conference in Trust Management (iTrust 2004), Oxford, UK, 29 March - 1 April 2004:135 - 145.
[107] Prietula, M. Advice, Trust, and Gossip Among Artificial Agents. Simulating Organizational Societies: Theories, Models, and Ideas. A. Lomi and E. Larsen. Cambridge, MA, MIT Press.
[108] Prietula, M. and K. Carley (2001). Boundedly rational and emotional agents - cooperation trustand rumor. Trust and Deception in Virtual Societies. C. Castelfranchi and Y.-H. Tan. Norwood, MA, Kluwer Academic Publisher: 169– 193
[109] Sebastian Ries, Jussi Kangasharju, and Max Mühlh?user, A Classification of Trust Systems. OTM Workshops 2006, LNCS 4277: 254 - 264.
[110] James O.Berger. Statistical decision theory and Bayesian analysis (second edition).Springer-Verlag, New York Inc, 1985.
[111]盛骤,谢式千,潘承毅.概率论与数理统计.北京高等教育出版社. 2004年4月.
[112] Ireson, G., Coombs, W., Clyde, F., and Richard Y. Moss (1995). Handbook of Reliability Engineering and Management. McGraw-Hill Professional; 2nd edition
[113] Chrysler Corporation, Ford Motor Company, and General Motors Corporation (1995), Potential Failure Mode And Effect analysis (FMEA) Reference Manual.
[114] Bachmann, R. Trust, Power and Control in Trans-Organizational Relations. Organization Studies, 2001(2):341–369
[115] T Grandison. Trust Management for Internet Applications. PhD thesis, University of London,July 2003.
[116] Nathan Dimmock, Jean Bacon, David Ingram, and KenMoody, Risk models for trust-based access control (TBAC). In Proceedings of the Third Annual Conference onTrust Management (iTrust 2005), volume 3477 of LNCS.Springer-Verlag, May 2005:364-371
[117] Nathan Dimmock, How much is“enough”? Risk in Trust-based Access Control. In proceedings of The Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises(WETICE’03), 2003: 1080-1383
[118] Hung, G.Q., Nie, M., Mark, K.L.: Web-based failure mode and effect analysis, Comput. Ind. Eng., 1999(37): 177–180
[119] David D. Clark, David R. Wilson, A Comparison of Commerical and Military Computer Security Policies. 1987 IEEE Symposium on Security and Privacy: 184-195
[120] Foster I, Kesselman C. The Grid 2: Blueprint for a New Computing Infrastructure. San Francisco: Morgan Kaufmann Publishers, 2004.
[121] Oram A. Peer-to-Peer: Harnessing the Power of Disruptive Technologies. Sebastopol: O’Reilly and Associates, 2001.
[122] eMule. 2006. http://www.emule-project.net
[123] KaZaA file sharing network. 2002. http://www.kazaa.com
[124] Hughes D, Coulson G, Walkerdine J. Free riding on gnutella revisited: The bell tolls? IEEE Distributed System Online, 2005,6(6).
[125] Bernardo EA, Huberman A. Free riding on Gnutella. Technical Report, SSL-00-63, Xerox PARC, 2000.
[126] Kamvar SD, Schlosser MT. EigenRep: Reputation management in P2P networks. In: Proc. of the 12th Int'l World Wide Web Conf. New York: ACM Press, 2003:123-134.
[127] Chang E, Dillon T, Hussain FK. Trust and Reputation for Service-Oriented Environments: Technologies for Building Business Intelligence and Consumer Confidence. West Sussex: John Wiley & Sons, 2005.
[128]唐扬斌,王怀民,常俊胜.自组织虚拟计算环境中的组信誉机制.软件学报, Vol.18, No.8, August 2007:1968-1986.
[129] Kamvar SD, Schlosser MT, Garcia-Molina H. The EigenTrust algorithm for reputation management in P2P networks. In: Proc. of the 12th Int’l World Wide Web Conf. New York: ACM Press, 2003:640-651.
[130] Obreiter P, Nimis J. A taxonomy of incentive patterns—The design space of incentives for cooperation. In: Moro G, Sartori C, Singh MP, eds. Proc. of the2nd Int’l Workshop on Agents and P2P Computing. LNCS 2872, Melbourne: Springer-Verlag, 2003:678-685.
[131] G Shafer. A Mathematical Theory of Evidence. Princeton University Press, Princeton, NJ, 1976
[132] Kari Sentz. Combination of Evidence in Dempster-Shafer Theory. April 2002
[133] Gu Bao-jun, Li Xiao-yong, Wang Wei-nong. Selection of trusted providers by enforcing Bayesian Analysis in iVCE. Journal of Donghua University,2008.
[134]窦文,王怀民,贾焰,邹鹏.构造基于推荐的Peer-to-Peer环境下的Trust模型.软件学报,2004,1(4):571-583
[2] Xicheng Lu, Huaimin Wang, Ji Wang. Internet-based Virtual Computing Environment (iVCE): Concepts and Architecture. Science in China Series F: Information Sciences , Dec 2006, 49(6) : 681-701
[3]常志明,毛新军,齐治昌,基于Agent的网构软件构件模型及其实现,软件学报, 2008年5月,19(5):1113-1124
[4] Ji Wang; Rui Shen; Zhu, H.Caste-centric agent-oriented programming, Quality Software, 2005. (QSIC 2005). Volume , Issue , 19-20 Sept. 2005 : 431 - 436
[5] WANG Huaimin, TANG Yangbin, YIN Gang & LI Lei. Trustworthiness of Internet-based software. Science in China Series F: Information Sciences ,2006,49(6): 759-773
[6] Anderson J P. Computer Security Technology Planning Study. ESD-TR-73-51, Vol. I, AD-758 206, ESD/AFSC, Hanscom AFB, Bedford MA, October 1972
[7] Friedman B, Kahn P H Jr, Howe D C. Trust online. Comm of the ACM, 2000, 43(12): 34-40
[8] Feiertag R., K. Levitt, et al. (1977). Proving Multilevel Security of a System Design. Proceedings of the 6th ACM Symposium on Operating Systems Principles:57 - 65.
[9] D. Bell, L. LaPadula. Secure Computer Systems: Mathematical foundations. Technical Report: MTR-2547, Vol. I-III, MITRE Corporation, Bedford, MA, Nov. 1973.
[10] Osborn S., R. Sandhu, et al. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security 2000, 3(2): 85 - 106.
[11] B. Lampson. Protection. in Proceedings of the 5th Annual Princeton Conference on Information Sciences and Systems, 1971,Princeton University: 437-443
[12] Sandhu R. S., E. J. Coyne, H. L. Feinstein, et al. Role-based Access Control Models. IEEE Computer, 1996, 29(2) : 38-47.
[13] D. Ferraiolo, J.Cugini, and D.R.Kuhn.Role Based Access Control: Features and Motivations. In Annual Computer Security Applications Conference. IEEE Computer Society Press, 1995.
[14] M. Nyanchama, S. Osborn. The Role Graph Model and Conflict of Interest. AsCM Transactionson Information and System Security, Feb 1999, vol. 2:3-33
[15] Osborn S., R. Sandhu, et al. Configuring Role-based Access Control to Enforce Mandatory and Discretionary Access Control Policies. ACM Transactions on Information and System Security. 2000, 3(2): 85 - 106.
[16] Roger M. Needham, Michael D. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Communication of the ACM,1978, 21(12):993–99
[17] Dorothy E. Denning, Giovanni Maria Sacco. Timestamps in Key Distribution Protocols. Communication of the ACM, 1981,24(8):533–536
[18] R M Needham, M D Schroeder. Authentication Revisited. SIGOPS Oper. Syst. Rev.,1987, 21(1):7-7
[19] Dave Otway , Owen Rees. Efficient and Timely Mutual Authentication. SIGOPS Oper. Syst. Rev.,1987, 21(1):8–10
[20] S. P. Miller, B. C. Neuman, J. I. Schiller, et al. Kerberos Authentication and Authorization System. Technical report, 1987
[21] J. Steiner, C. Neuman, J. Schiller. An Authentication Service for Open Network Systems,1988.
[22] Matt Blaze, Joan Feigenbaum, Jack Lacy. Decentralized trust management. In SP’96: Proceedings of the 1996 IEEE Symposium on Security and Privacy, IEEE Computer Society ,1996, Washington, DC,USA :164–173
[23] P. R. Zimmermann. The Official PGP User's Guide. Cambridge, MA, USA, MIT Press, 1995
[24] S. Garfinkel. PGP: Pretty Good Privacy. Sebastopol, CA: O'Reilly & Associates, Inc., 1995.ISBN 1-56592-098-8.
[25] ITU-T (Telecommunication Standardization Sector, International Telecommunication Union), Geneva, Switzerland, ITU-T Recommendation X.509: The Directory-Public-Key and Attribute Certificate Frameworks, 2000.
[26] CCITT (Consultative Committee on International Telegraphy and Telephony), CCITT Recommendation X.509: The Directory -Authentication Framework, 1988
[27] ITU-T (Telecommunication Standardization Sector, International Telecommunication Union), Geneva, Switzerland, ITU-T Recommendation X.509: The Directory-Authentication Framework,1997
[28] R. Housley, W. Ford, W. Polk, et al. Internet X.509 Public Key Infrastructure Certificate and CRL Profile, RFC 2459, Internet Engineering Task Force, Jan. 1999.
[29] ANSI (American National Standards Institute), Washington, DC, ANSI X9.45: Enhanced Management Controls Using Digital Signatures and Attribute Certificates, 1999.
[30] S. Farrell, R. Housley. An Internet Attribute Certificate Profile for Authorization, Internet Draft draft-ietf-pkix-ac509prof-09, Internet Engineering Task Force, June 2001.
[31] Richard Hayton, Ken Moody. An Open Architecture for Secure Interworking Services. In Proceedings of the 7th workshop on ACM SIGOPS European workshop, 1996,New York, NY, USA:233–240
[32] R. J. Hayton, J. M. Bacon, K. Moody. Access Control in an Open Distributed Environment. In IEEE Symposium on Security and Privacy, May 1998: 3–14
[33] C. M. Ellison. SPKI Requirements, RFC 2692, Internet Engineering Task ForceDraft IETF,Sept. 1999
[34] C. M. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, et al. SPKI Certificate Theory, RFC 2693, Internet Engineering Task Force, Sept. 1999.
[35] M. Blaze, J. Feigenbaum, J. Ioannidis, et al. The KeyNote Trust Management System. Internet Request for Comment RFC 2704, Internet Engineering Task Force, Sept. 1999. Version 2.
[36] Matt Blaze, Joan Feigenbaum, and Angelos D. Keromytis. Keynote: Trust Management for Public Key Infrastructures. In Security Protocols - 6th International Workshop,Apr 1999 Springer-Verlag, LNCS(1550): 59–63
[37] Amir Herzberg, Yosi Mass, Joris Michaeli, et al. Access Control Meets Public Key Infrastructure, or: Assigning Roles to Strangers, [C].Proceedings of the 2000 IEEE Symposium on Security and Privacy , 2000: 2-13
[38] Yang-Hua Chu, Joan Feigenbaum, Brian LaMacchia et al. REFEREE: Trust Management for Web Applications. [C].In Proceedings of 6h International World-Wide Web Conference ,Santa Clara, CA, April 1997: 953– 964
[39] W. Diffie and M. Hellman. New directions in cryptography. Information Theory, IEEE Transactions on,1976, 22(6):644–654
[40] Loren M. Kohnfelder. Towards a Practical Public-key Cryptosystem. B.S. Thesis, Supervised by L.Adleman, May 1978.
[41] International Telecommunications Union. ITU-T. 2000. Recommendation X.509, ISO/IEC 9594-8. Information technology—open systems interconnection—the directory: Public-key and attribute certificate frameworks, 4th ed. 2000.
[42] G. W. Neufeld. Descriptive Names in X.500. In SIGCOMM’89: Symposium proceedings on Communications architectures & protocols, New York, NY, USA,1989: 64–71
[43] International Telecommunications Union. ITU-T. 1997. Recommendation X.509, ISO/IEC 9594–8. Information Technology—Open Systems Interconnection—the Directory: Authentication Framework, 3rd ed. 1997.
[44] R. Housley, W. Ford, W. Polk, and D. Solo. Internet X.509 Public Key Infrastructure Certificate and CRL Profile, 1999.
[45] Ilari Lehti , Pekka Nikander. Certifying Trust. In PKC’98: Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography, London, UK, 1998: 83–98
[46] Ilari Lehti, Pekka Nikander. Certifying Trust. In PKC’98: Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography, London, UK, 1998.Springer-Verlag.pages:83–98
[47] Audun J?sang, Ingar Glenn Pedersen, Dean Povey. PKI Seeks a Trusting Relationship. In ACISP'2000: Proceedings of the 5th Australasian Conference on Information Security and Privacy, London, UK, 2000. Springer-Verlag: 191–205
[48] Myers M., Ankney R., Malpani A., et al. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP, 1999
[49] Philip Zimmermann. PGP Source Code and Internals. MIT Press, Cambridge, MA, USA, 1995.
[50] International Telecommunications Union. Itu-T. 1997. Recommendation x.509, ISO/IEC 9594–8. Information Technology—Open Systems Interconnection—the Directory: Authentication Framework, 3rd ed. 1997.
[51] ANSI (American National Standards Institute). ANSI X9.45: Enhanced Management Controls Using Digital Signatures and Attribute Certificates. 1999
[52] W. Johnston, S. Mudumbai, M. Thompson. Authorization and Attribute Certificates for Widely Distributed Access Control. In WETICE’98, the 7th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises. IEEE Computer Society Press, June 1998
[53] M. Thompson, W. Johnston, S. Mudumbai, G. Hoo, K. Jackson, et al. Certificate-based Access Control for Widely Distributed Resources. In Proceedings of the 8th USENIX Security Symposium (SECURITY-99), Berkely, CA, 1999 : 215–228
[54] Ian Foster, Carl Kesselman, Gene Tsudik, et al. A Security Architecture for Computational Grids. In CCS’98: Proceedings of the 5th ACM conference on Computer and communications security, New York, NY, USA, 1998. ACM Press: 83–92
[55] Randy Butler, Von Welch, Douglas Engert, et al. A National-scale Authentication Infrastructure. Computer,33(12), 2000:60–66
[56] David W. Chadwick ,Alexander Otenko. RBAC Policies in Xml for X.509 Based Privilege Management. In SEC’02: Proceedings of the IFIP TC11 17th International Conference on Information Security, Deventer, The Netherlands, The Netherlands, 2002. Kluwer, B.V: 39–54,
[57] Richard Hayton, Ken Moody. An Open Architecture for Secure Interworking Services. In Proceedings of the 7th workshop on ACM SIGOPS European workshop, New York, NY, USA, 1996. ACM Press: 233–240
[58] R. J. Hayton, J. M. Bacon, K. Moody. Access Control in an Open Distributed Environment. In IEEE Symposium on Security and Privacy, May 1998: 3–14
[59] Walt Yao, Ken Moody, Jean Bacon. A model of oasis role-based access control and its support for active security. In SACMAT’01: Proceedings of the sixth ACM symposium on Access control models and technologies, New York, NY, USA, 2001. ACM Press: 171–181
[60] Carl M. Ellison. Establishing Identity without Certification Authorities. In Proceedings of the 6th USENIX Security Symposium, San Jose, CA, USA, jul 1996. USENIX Association: 67–76
[61] IETF. Simple Public Key Infrastructure (SPKI). February 2001
[62] R. Rivest, B. Lampson. SDSI - a Simple Distributed Security Infrastructure. In CRYPTO’96 Rumpsession, 1996
[63] C. Ellison. Rfc2692,spki requirements, 1999
[64] C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen. SPKI Certificate Theory, 1999
[65] C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen. Simple Public Key Certicate. Internet Draft draft-ietf-spki-cert-structure-06, 1999
[66] Matt Blaze, Joan Feigenbaum, Martin Strauss. Compliance Checking in the Policymaker Trust Management System. In FC’98: Proceedings of the Second International Conference on Financial Cryptography London, UK, 1998. Springer-Verlag: 254–274
[67] M. Blaze, J. Feigenbaum, J. Lacy. Managing Trust in Medical Information Systems, 1996.
[68] M. Blaze, J. Ioannidis, A. Keromytis. Trust Management for IPSEC. ACM Trans. Inf. Syst. Secur,2002, 5(2):95–118
[69] M. Blaze, J. Feigenbaum, P. Resnick, and M. Strauss. Managing trust in an information-labeling system. European Transactions on Telecommunications, 1997,8(5):491–501
[70] M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis, The KeyNote trust management system, Internet Request for Comment RFC 2704, Internet Engineering Task Force, Sept. 1999. Version 2.
[71] Y.-H. Chu, J. Feigenbaum, B. LaMacchia, P. Resnick, and M. Strauss, REFEREE: Trust management for web applications, in Proc. 6h International World-Wide Web Conference (WWW6, Santa Clara, CA), Apr. 1997
[72] A. Herzberg et al., Access Control Meets Public Key Infrastructure, or: Assigning Roles to Strangers. IEEE Symp. Security and Privacy, 2000
[73] IBM, IBM Trust Establishment Policy Language, http://www.haifa.il.ibm.com/projects/software/e-Business/TrustManager/PolicyLanguage.html
[74] N. Li, J. C. Mitchell, W. H. Winsborough. Design of a Role-based Trust-management Framework, in IEEE Symposium on Security and Privacy,Los Angeles, CA, IEEE Computer Society Press, May 2002: 114-130
[75] S. Marsh. Formalising Trust as a Computational Concept. 1994.
[76] Alfarez Abdul-Rahman,Stephen Hailes. Supporting Trust in Virtual Communities. In HICSS’00: Proceedings of the 33rd Hawaii International Conference on System Sciences-Volume 6, page 6007, Washington, DC, USA, 2000. IEEE Computer Society
[77] Golbeck, J. Computing and Applying Trust in Web-Based Social Networks. PhD thesis, University of Maryland, College Park (2005)
[78] Golbeck, J., Hendler, J. Filmtrust: Movie recommendations using trust in webbased social networks. In: Proc. of the Consumer Communications and Networking Conference. (2006)
[79] Thomas Beth, Malte Borcherding, Birgit Klein. Valuation of Trust in Open Networks. In ESORICS’94: Proceedings of the Third European Symposium on Research in Computer Security London, UK, 1994. Springer-Verlag: 3–18
[80] P. Herrmann H. Krumm. Trust-adapted enforcement of security policies in distributed component-structured applications. In ISCC’01: Proceedings of the Sixth IEEE Symposium on Computers and Communications, page 2, Washington, DC, USA, 2001. IEEE Computer Society.
[81] J?song A., Knapskog S. A metric for trusted systems. In Proc. 21st National Security Conference, pages 16–29, 1998
[82] J?song A. A logic for Uncertain Probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems,2001, 9(3) : 279–311
[83] J?song A. Trust-based decision making for electronic transactions. In on Secure IT Systems (NORDSEC’99), Stockholm, Sweden, 1999.
[84] J?song A. The right type of trust for distributed systems. In NSPW’96: Proceedings of the 1996 workshop on New security paradigms, New York, NY, USA, 1996. ACM Press: 119–131,
[85] J?song A. A model for trust in security systems. In Proceedings of the 2nd Nordic Workshop on Secure Computer Systems, 1997.
[86] J?song A. A subjective metric of authentication. In ESORICS’98: Proceedings ofthe 5th European Symposium on Research in Computer Security, London, UK, 1998. Springer-Verlag: 329–344,
[87] Cahill, V., et al. Using trust for secure collaboration in uncertain environments. IEEE Pervasive Computing 2/3 (2003):52–61
[88] Carbone, M., Nielsen, M., Sassone, V. A formal model for trust in dynamic networks. In: Proc. of IEEE International Conference on Software Engineering and Formal Methods, Brisbane, Australia, IEEE Computer Society (2003)
[89] Sabater, J., Sierra, C.: Reputation and social network analysis in multi-agent systems. In: Proc. of the 1st International Joint Conference on Autonomous Agents and Multiagent Systems, New York, NY, USA, ACM Press (2002):475–482
[90] Sabater, J.: Trust and reputation for agent societies. PhD thesis, Institut Investigacion en Intelligencia Artificial, Spain (2003)
[91] Estrin, D. (1986). Inter-organization networks: implications of access control: requirements for interconnection protocol. ACM SIGCOMM Conference on Communications Architectures & Protocols, Stowe, VT, USA: 254 - 264.
[92] Luhmann, N. (1979). Trust and Power, John Wiley & Sons Inc.
[93] Solomon, R. and F. Flores (2001). Building Trust. New York, NY, Oxford University Press.
[94] Gambetta D. Can we trust trust? In: Gambetta D, ed. Trust: Making and Breaking Cooperative Relations. Basil Blackwell: Oxford Press, 1990:213-237.
[95] Aberer, K. and Z. Despotovic (2001). Managing trust in a peer-2-peer information system. Proceedings of the 10th International Conference on Information and Knowledge Management, Atlanta, GA:310 - 317.
[96] D.H. McKnight, N.L. Chervany. The Meaning of Trust. Techinical Report MISRC Working Paper Series 96-04, University of Minnesota, Management Information System Research Center, 1996
[97] J.F. Anderson, R. L. Brown. Risk and Insurance. Number 1-21-00 in Study Notes.Society of Actuaries, 2000
[98] Grandison, T. and Sloman, M. A Survey of Trust in Internet Applications. IEEE CommunicationsSurveys, 3(4), Fourth Quarter 2000:2–16
[99] William Joseph Adams. Decentralized Trust-Based Access Control for Dynamic Collaborative Environments, PhD paper, Virginia Polytechnic Institute and State University
[100] Keser, C. Experimental games for the design of reputation management systems. IBM Systems Journal 42(3): 498 - 506.
[101] Buchegger, S. and J.-Y. Le Boudec . A Robust Reputation System for Mobile Ad-Hoc Networks. Technical Report, Ecole Polytechnic Federal de Lausanne, July 2003.
[102] P. Resnick and R. Zeckhauser. Trust among strangers in internet transactions: Empirical analysis of ebay’s reputation system. In The Econ. Internet and EComm., volume 11 of Advances in App. Microec. Elsevier Science, 2002.
[103] J?song, A. The Beta reputation system. 15th Bled Electronic Commerce Conference e-Reality: constructing the e-Economy June 2002.
[104] R. Falcone and C. Castelfranchi. Social Trust: A Cognitive Approach, Kluwer, 2001:55-99
[105] Povey, D. Developing Electronic Trust Policies Using a Risk Management Model. In Proc. of the Secure Networking - CQRE (Secure)’99, International Exhibition and Congress, LNCS 1740, Dusseldorf, Germany, November 30 - December 2 1999. Springer:1-16
[106] J?sang, A. and S. L. Presti . Analysing the Relationship between Risk and Trust. Proceedings of the 2nd International Conference in Trust Management (iTrust 2004), Oxford, UK, 29 March - 1 April 2004:135 - 145.
[107] Prietula, M. Advice, Trust, and Gossip Among Artificial Agents. Simulating Organizational Societies: Theories, Models, and Ideas. A. Lomi and E. Larsen. Cambridge, MA, MIT Press.
[108] Prietula, M. and K. Carley (2001). Boundedly rational and emotional agents - cooperation trustand rumor. Trust and Deception in Virtual Societies. C. Castelfranchi and Y.-H. Tan. Norwood, MA, Kluwer Academic Publisher: 169– 193
[109] Sebastian Ries, Jussi Kangasharju, and Max Mühlh?user, A Classification of Trust Systems. OTM Workshops 2006, LNCS 4277: 254 - 264.
[110] James O.Berger. Statistical decision theory and Bayesian analysis (second edition).Springer-Verlag, New York Inc, 1985.
[111]盛骤,谢式千,潘承毅.概率论与数理统计.北京高等教育出版社. 2004年4月.
[112] Ireson, G., Coombs, W., Clyde, F., and Richard Y. Moss (1995). Handbook of Reliability Engineering and Management. McGraw-Hill Professional; 2nd edition
[113] Chrysler Corporation, Ford Motor Company, and General Motors Corporation (1995), Potential Failure Mode And Effect analysis (FMEA) Reference Manual.
[114] Bachmann, R. Trust, Power and Control in Trans-Organizational Relations. Organization Studies, 2001(2):341–369
[115] T Grandison. Trust Management for Internet Applications. PhD thesis, University of London,July 2003.
[116] Nathan Dimmock, Jean Bacon, David Ingram, and KenMoody, Risk models for trust-based access control (TBAC). In Proceedings of the Third Annual Conference onTrust Management (iTrust 2005), volume 3477 of LNCS.Springer-Verlag, May 2005:364-371
[117] Nathan Dimmock, How much is“enough”? Risk in Trust-based Access Control. In proceedings of The Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises(WETICE’03), 2003: 1080-1383
[118] Hung, G.Q., Nie, M., Mark, K.L.: Web-based failure mode and effect analysis, Comput. Ind. Eng., 1999(37): 177–180
[119] David D. Clark, David R. Wilson, A Comparison of Commerical and Military Computer Security Policies. 1987 IEEE Symposium on Security and Privacy: 184-195
[120] Foster I, Kesselman C. The Grid 2: Blueprint for a New Computing Infrastructure. San Francisco: Morgan Kaufmann Publishers, 2004.
[121] Oram A. Peer-to-Peer: Harnessing the Power of Disruptive Technologies. Sebastopol: O’Reilly and Associates, 2001.
[122] eMule. 2006. http://www.emule-project.net
[123] KaZaA file sharing network. 2002. http://www.kazaa.com
[124] Hughes D, Coulson G, Walkerdine J. Free riding on gnutella revisited: The bell tolls? IEEE Distributed System Online, 2005,6(6).
[125] Bernardo EA, Huberman A. Free riding on Gnutella. Technical Report, SSL-00-63, Xerox PARC, 2000.
[126] Kamvar SD, Schlosser MT. EigenRep: Reputation management in P2P networks. In: Proc. of the 12th Int'l World Wide Web Conf. New York: ACM Press, 2003:123-134.
[127] Chang E, Dillon T, Hussain FK. Trust and Reputation for Service-Oriented Environments: Technologies for Building Business Intelligence and Consumer Confidence. West Sussex: John Wiley & Sons, 2005.
[128]唐扬斌,王怀民,常俊胜.自组织虚拟计算环境中的组信誉机制.软件学报, Vol.18, No.8, August 2007:1968-1986.
[129] Kamvar SD, Schlosser MT, Garcia-Molina H. The EigenTrust algorithm for reputation management in P2P networks. In: Proc. of the 12th Int’l World Wide Web Conf. New York: ACM Press, 2003:640-651.
[130] Obreiter P, Nimis J. A taxonomy of incentive patterns—The design space of incentives for cooperation. In: Moro G, Sartori C, Singh MP, eds. Proc. of the2nd Int’l Workshop on Agents and P2P Computing. LNCS 2872, Melbourne: Springer-Verlag, 2003:678-685.
[131] G Shafer. A Mathematical Theory of Evidence. Princeton University Press, Princeton, NJ, 1976
[132] Kari Sentz. Combination of Evidence in Dempster-Shafer Theory. April 2002
[133] Gu Bao-jun, Li Xiao-yong, Wang Wei-nong. Selection of trusted providers by enforcing Bayesian Analysis in iVCE. Journal of Donghua University,2008.
[134]窦文,王怀民,贾焰,邹鹏.构造基于推荐的Peer-to-Peer环境下的Trust模型.软件学报,2004,1(4):571-583
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |